Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Google is being dumb (Score 1) 90

No. USB-PD is not a "firehose". That is not how electricity works. USB-PD specifies certain discrete voltage levels, but you can draw as much or as little current as you want. Devices are supposed to have a buck converter to adapt the voltage of the input to the voltage of the battery, and they can do so at a wide range of input voltages.

The only reason to raise the voltage at the USB connector is to reduce resistive losses in the cable by reducing the required current. Once the electricity arrives at the device it can be converted to whatever voltage is appropriate for the battery, and it can deliver exactly as much current as it should. There is absolutely no reason whatsoever why USB-PD would cause more damage to a battery than Qualcomm QC, in a correctly designed device.

Comment Re:I don't hate on systemd but this is really bad (Score 1) 508

#define _XOPEN_SOURCE 700
#include <signal.h>
#include <unistd.h>
int main() {
        sigset_t set; int status; if (getpid() != 1) return 1;
        sigfillset(&set); sigprocmask(SIG_BLOCK, &set, 0);
        if (fork()) for (;;) wait(&status);
        sigprocmask(SIG_UNBLOCK, &set, 0); setsid(); setpgid(0, 0);
        return execve("/etc/rc", (char *[]){ "rc", 0 }, (char *[]){ 0 });
}

Comment Re:It's not that bad. (Score 1) 111

It's not a year-long suspension. It's a permanent suspension of trust in their current roots. They can, however, re-apply after one year - with extra auditing over what is normally required - and if and when they pass that they may be let in again. If they do nothing, they don't get back in for free after a year.

Comment Re:Fabrice Bellard is awesome. (Score 4, Informative) 92

Too bad this isn't his.

Fabian Hemmer (http://copy.sh/, copy@copy.sh)

I have no idea where the submitter got Fabrice Bellard from. This is hosted on a completely different site and authored by a completely different person. Yes, more than one person is capable of implementing an x86 emulator in Javascript. Bellard wrote his and never released the (editable) source; this guy, OTOH, wrote a more compatible emulator of his own (runs more than Linux) and open sourced it.

This is also old news, I remember seeing it quite some time ago. The site has been up since 2014. Slow news day much?

Submission + - Malibu Media stay lifted, motion to quash denied

NewYorkCountryLawyer writes: In the federal court for the Eastern District of New York, where all Malibu Media cases have been stayed for the past year, the Court has lifted the stay and denied the motion to quash in the lead case, thus permitting all 84 cases to move forward. In his 28-page decision (PDF), Magistrate Judge Steven I. Locke accepted the representations of Malibu's expert, one Michael Patzer from a company called Excipio, that in detecting BitTorrent infringement he relies on "direct detection" rather than "indirect detection", and that it is "not possible" for there to be misidentification.

Comment Re:The solution is horribly obvious (Score 1) 84

The problem is not "trusting" the proprietary crap, the problem is trusting it to improve security in any measurable way.

Android full disk encryption is just as secure as LUKS (in fact, under the hood it's dm-crypt just like LUKS, the key derivation is just different). This doesn't break the FDE. You still need the passphrase. What this does is break the "you need the hardware to access the FDE and we're going to impose additional non-provable restrictions such that you can keep using your 4-digit PIN and it'll be secure, promise" bunch of hot air that vendors like to sell you. Just like the FBI cracked that iPhone's FDE - by bruteforcing the passcode. This lets you bruteforce Android's FDE offline after a one-time attack on the hardware.

I use CyanogenMod on my phone. I have my FDE passphrase set to a long string, independent of my (shorter) unlock code. This attack doesn't affect me because my FDE passphrase is not bruteforceable in a reasonable amount of time. This only affects people who still think using a 4-digit PIN to secure FDE on their phone is a good idea because Apple and Qualcomm pinkie-promise that their secure tamperproof hardware can limit bruteforce attempts enough to make that a reality.

Comment Re:Blantant? (Score 5, Interesting) 181

A security researcher who goes around looking for ATM skimmers should know that the magstripe reader always goes along with a camera for the PIN pad, and that the electronics inside the card reader part aren't the whole story.

It's completely obvious once you look for it, once you know a skimmer was installed on the card slot, especially having another pristine ATM right next to it to compare. Nobody's going to blame someone for not noticing a skimmer in the first place, but once you know one was installed, yes, the PIN pad part is blatant.

Comment Re:Actually 3rd point was agreement with trial jud (Score 1) 23

Actually whoever the new guy is, I don't find the site to be "improved" at all; seems a little crummy. The story was butchered and incorrectly interpreted, and the all important software for interaction seems less interactive.

But what do I know?

As to my absence I've been a bit overwhelmed by work stuff, sorry about that, it's no excuse :)

Slashdot Top Deals

An adequate bootstrap is a contradiction in terms.

Working...